Description

The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a Cross-site request forgery (CSRF) vulnerability.

Remediation

References

CVE-2017-16862

Related Vulnerabilities

WordPress Plugin GA Google Analytics Cross-Site Scripting (20210211)

MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2009-4030)

WordPress Plugin ShareThis:Free Sharing Buttons and Tools Cross-Site Request Forgery (7.0.5)

WordPress Plugin Google Doc Embedder Arbitrary File Disclosure (2.4.6)

Internet Information Services CVE-2008-0074 Vulnerability (CVE-2008-0074)

Severity

Medium

Classification

CVE-2017-16862 CWE-352

Tags

Missing Update Known Vulnerabilities